Security Auditing

I will end this chapter by presenting a useful feature WCF supports called security audits. As its name implies, a security audit is a logbook of the security-related events in your services. WCF can log authentication and authorization attempts, their times and locations, and the calling clients' identities. The class ServiceSecurityAuditBehavior governs auditing; it is listed in Example 10-30 along with its supporting enumerations.

Example 10-30. The ServiceSecurityAuditBehavior class

public enum AuditLogLocation
{
   Default, //Decided by the operating system
   Application,
   Security
}
public enum AuditLevel
{
   None,
   Success,
   Failure,
   SuccessOrFailure
}
public sealed class ServiceSecurityAuditBehavior : IServiceBehavior
{
   public AuditLogLocation AuditLogLocation
   {get;set;}
   public AuditLevel MessageAuthenticationAuditLevel
   {get;set;}
   public AuditLevel ServiceAuthorizationAuditLevel
   {get;set;}
   //More members
}

ServiceSecurityAuditBehavior is a service behavior. The AuditLogLocation property specifies where to store the log entries: in the application log or in the security log, both of which are in the event log on the host computer. The MessageAuthenticationAuditLevel property governs the authentication audit verbosity. Its default value is AuditLevel.None. For performance's sake, you may want to audit only failures. For diagnostic purposes, you can also audit successful authentications. Similarly, you use the ServiceAuthorizationAuditLevel property to control authorization ...
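The following is an added example, not code from the book: one way to turn on failure-only auditing programmatically on a self-hosted service. The contract, service class, address, and helper name are hypothetical, and SuppressAuditFailure is one of the members that Example 10-30 omits.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Description;

[ServiceContract]
interface IMyContract //Hypothetical contract
{
   [OperationContract]
   void MyMethod();
}
class MyService : IMyContract //Hypothetical service
{
   public void MyMethod()
   {}
}
static class AuditingHost
{
   //Adds the audit behavior, or reconfigures the one the config file already added
   static void EnableFailureAuditing(ServiceHost host)
   {
      ServiceSecurityAuditBehavior audit =
         host.Description.Behaviors.Find<ServiceSecurityAuditBehavior>();
      if(audit == null)
      {
         audit = new ServiceSecurityAuditBehavior();
         host.Description.Behaviors.Add(audit);
      }
      audit.AuditLogLocation = AuditLogLocation.Application;
      //Log only failed authentication and authorization attempts
      audit.MessageAuthenticationAuditLevel = AuditLevel.Failure;
      audit.ServiceAuthorizationAuditLevel = AuditLevel.Failure;
      //false: a failure to write the audit entry is raised as an error
      //instead of being silently ignored
      audit.SuppressAuditFailure = false;
   }
   static void Main()
   {
      //Assumed base address, for illustration only
      ServiceHost host = new ServiceHost(typeof(MyService),
                                         new Uri("net.tcp://localhost:8001/"));
      host.AddServiceEndpoint(typeof(IMyContract),new NetTcpBinding(),"MyService");
      EnableFailureAuditing(host); //Behaviors are applied when the host opens
      host.Open();
      Console.WriteLine("Auditing failures to the application log; press ENTER to exit");
      Console.ReadLine();
      host.Close();
   }
}
```

Choosing AuditLogLocation.Security instead requires the host account to hold the privilege to generate security audits, which is why the application log is used here.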
